Csdn Article Publish (CSDN博客文章发布) Skills

Security checks across malware telemetry and agentic risk

Overview

This skill appears built for the stated CSDN blogging workflow, but it asks users to store live account authentication headers in a plaintext local config without adequate safety warnings.

Install only if you are comfortable giving the skill CSDN account-write capability. Keep csdn_config.json private, out of shared folders and version control, rotate or refresh CSDN login credentials if exposed, review csdn_article_map.json before relying on automatic article ID reuse, and confirm every update or publish command before running it.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (3)

Vague Triggers

Medium
Confidence: 89%
Finding
The skill description uses broad natural-language examples like '帮我写一篇XX文章,保存到CSDN' ("Help me write an article about XX and save it to CSDN") and '更新我CSDN上的某篇文章' ("Update one of my articles on CSDN") without clearly constraining when the skill should or should not be invoked. In an agent setting, this can cause over-broad triggering and unintended access to local files, stored mappings, or publishing actions when a user's request only loosely matches the examples.

Missing User Warnings

High
Confidence: 97%
Finding
The skill instructs users to extract and store highly sensitive authentication material from browser developer tools, including Cookie, x-ca-signature, x-ca-key, and related headers, but does not provide an explicit security warning or safe-handling guidance. These values can enable account takeover or unauthorized article operations if exposed in logs, prompts, local files, or shared workspaces, and the skill further encourages persistence in a plaintext config file.

Missing User Warnings

Medium
Confidence: 93%
Finding
The troubleshooting guide instructs users to copy live authentication material such as Cookie and signing headers into a local configuration file, but it does not warn that these values are sensitive bearer-like credentials. This increases the chance that users will persist secrets in plaintext, mishandle them, or commit them to source control, enabling account takeover or unauthorized article publishing if the config file is exposed.

VirusTotal

66/66 vendors flagged this skill as clean.
